On Saturday, I received a call at around 8PM; Coach’s Corner had just wrapped up. When the voice on the other end explained that she was calling on behalf of TD Canada Trust and wanted to verify my account information, I thought it seemed out of the ordinary – especially on a Saturday night. I thought it sounded fishy so I explained to her that I wasn’t home 🙂 My curiosity was piqued, so I logged into TD‘s online banking website and sure enough, $800 had disappeared from my chequing account via a Green Machine withdrawl a few hours earlier. It was a withdrawl that I know that I didn’t do, so I promptly called TD‘s 24-hour hotline. Apparently I was the victim of P.I.N. theft.
Somebody, somewhere, in a place where I had been had finagled a magnetic strip reader onto an Interac terminal. I’m pretty sure it was at an Interac terminal and not an ABM as I rarely use them. But I do use Interac at many places like grocery stores, gas stations, restaurants and so on. I do have my suspicions of where this might’ve happened as I do recall a certain Interac terminal at a certain gas station that I frequent as being a little out of the ordinary. I thought it was weird but quickly dismissed it. Lesson learned = listen more carefully to instinct in the future. But was my faith in technology shattered?
USB magnetic strip readers are fairly easy to come by. I’m not 100% certain but I’m pretty sure that the actual P.I.N. is not encoded on the strip. At least, I hope it’s not. Perhaps a hash of some type would be fine but I really do hope the P.I.N. itself isn’t on there. Either way, determining a P.I.N. number wouldn’t take too long to calculate with a fairly new computer. P.I.Ns are always 4 digits, so any debit card has 104 or 10000 possible permutations.
There is a happy ending to all of this. Yesterday, TD credited my chequing account for $800 and I got a new debit card (with a new P.I.N.). I would be interested in know how TD knew within a couple of hours of the scam; they alerted me within a couple of hours following the withdrawl. They must have some wicked stored database procedures and queries that can easily determine that something is amiss. I was reassured that technology is still continuing to be used in good ways for our benefit, so it’s safe to say those I won’t change careers paths and become an investment banker or heavy equipment operator any time soon 😉
PS: The scammer was pretty dumb. He/she withdrew the money from a TD Green Machine. Most Green Machines have surveilance cameras and obviously all transactions have a time stamp. I guess that’s what ski masks are for. How’s that for a non-technical hack? 😐
I had enough of hearing about how wonderful Ruby On Rails is, so I wanted to see it for myself. Being the type of person who’s interested in many things all at the same time, I had a reason to try out another much-talked about thing. In order to properly try out RoR, I wanted a decent web server, so I installed Ubuntu Linux. Ubuntu is by far the easiest Linux distro I’ve used thus far. As such, its installation is quite basic – aiming at the desktop user demographic. But that didn’t stop me, and Ubuntu makes it simple to add what you want. Sometimes I used apt-get and other times I used the GUI app that allows you to search for and install new and updated packages.
First, I needed web server software, so installing and configuring Apache 2.0 was my top priority. The next thing that I installed was PHP 5.0; I’m familiar with 3.x and 4.x but I thought I should begin to explore 5. MySQL 5 wasn’t available in the repository at the time, so I installed the latest 4 release. To make life easier, I installed PHPMyAdmin; normally I prefer a command line but sometimes I just need to stave the RSI symptoms. Then came time to install the Ruby interpreter. Finally, using Gems, I installed Rails.
After browsing some tutorials, I saw how easy it was to generate the skeleton of a data-driven web application with Ruby On Rails. As such, it got me thinking of what’s possible now that a lot of overhead is taken care of by RoR. I just need a way to narrow down my list of possible project ideas.
Take a look at my screenshots below of my Ubuntu web server.
php_info() | RoR WEBrick | PHPMyAdmin
Total time to get everything installed and configured = 1.5 hours 🙂
EDIT (09.05.2006): If you’re interested in learning how to install PHPMyAdmin on Ubuntu Linux, I’ve posted something explaining how to accomplish that here.
Sites like Pitchfork, CMJ and NME merely tell you which music is cool, instead of allowing you to voice your opinion. Enter Earlyfish.com – yeah, I don’t get the name either…Barry chose it 😉
Essentially, Barry, Pat and yours truly will mention albums of the moment that we’re into and allow for an open discussion of said albums.
Wake up early and go fishing, or something like that 😉
…I’ll be watching you. Or I’ll at least know where you are…or the vicinity 🙂
AJAX this and remote scripting that. I had more remote scripting fun writing Greasemonkey scripts. A professor of mine once told us “never assume that the client knows what they want”. It rings true often. As such, sometimes, doing things server-side is fine ‘n’ good. Case in point, I needed a reason to play around with the Google Maps API. Google Maps itself only allows you to enter address info to find a location. I’d rather do it other ways. What if I knew your IP address? Could I figure out where you are in the world? Indeed I can.
Google Maps IP Geocoder
All of the dirty work is done server-side and not client-side, so this isn’t AJAX. There’s apps on three separate and unrelated Web servers involved in this; my web server, HostIP.info‘s web server and Google‘s web server. I make them all come together to play nicely. I shall christen this technology to hearby be known as PHAX – the ‘PH’ from “PHP“, the ‘a’ in “and” and ‘X’ in “XML”. That’s somewhat lame, I know, but I could’ve done worse. I could’ve opted to use the “U” in Curl and called it PHUX 😉
Privacy Note: Don’t take my quoting of Police lyrics literally. For those not involved in software/web development or possesing technical knowledge of the inner workings of the Internet, don’t freak out. When you run Google Maps IP Geocoder, only you can see your location on the map. I can’t see it. The guy next door can’t see it. People half-way around the world can’t see it. This is merely a demonstration. It may even have useful applications, such as providing geographical locations of visitors to a website using IP addresses retreived from Web server logs and stats packages (I like Urchin).
Sure it’s fall, but spring cleaning can happen anytime and Windows power users know this all too well. I wipe and reinstall Windows twice a year since it has a habit of accumulating garbage. I’ve been doing this for many years, since Windows 3.1, so I don’t find it that big of an inconvenience. I keep my computer lean and clean, and as such, I almost wasn’t going to do a wipe ‘n’ reinstall. But it’s been sometime and I felt it was due.
While waiting for all of my backed up project files to be copied over to their original locations, I was rummaging around in the drawer of my computer desk and came across a 3.5″ floppy diskette labeled ‘Chris – OAC’; it was a disk of homework from my OAC year in highschool. As an aside for those not from Ontario or familiar with OAC, it was also known as Grade 13 (it was mandatory for students planning to go to university). I fired up a Windows Explorer window and browsed the diskette for a walk down memory lane. I found homework assignments for Physics, Biology, Chemistry and English. But what really caught my attention was a directory on the diskette called ‘Golf’. It contained a file called ‘Handicap.bas’ with a last-modifed date of ‘Wednesday, March 1, 1995, 4:33:04 PM’. “What the hell is this? [CRICKETS CHIRPING] Oh…yeah, that’s it.”
It was a program that Sean Claire and I wrote after hours at the Hollinger Golf Club. I’d say the work was divvied 70/30 in Sean’s favour; he had a Mechanical Engineering degree and more programming exposure. I was high school student who had just applied to the pharamacy programs at U of T (not accepted), University of Saskatchewan (accepted), Dalhousie (not accepted), Memorial University of Newfoundland (accepted), and of course LSSU (accepted…obviously). But we managed to write something in QBasic to determine a golfer’s handicap on a 486 33MHz Compaq Presario. It was later replaced by a province-wide networked system on that same Presario machine. For the curious, take a look at Handicap.bas’s source code; it’s a tad ugly 😉